When I run the sadf utility with the stat file, it leads to a double-free bug in check_file_actlst().
```
$ ./sadf dfree_sysstat.in
skip_extra_struct: extra_size=0 types=0,16777216,128
=================================================================
==25128==ERROR: AddressSanitizer: attempting double-free on 0x60b000000250 in thread T0:
    #0 0x7f83c49ab7b8 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xde7b8)
    #1 0x55cc66ccab45 in check_file_actlst ~/sysstat/sa_common.c:2198
    #2 0x55cc66c4e3aa in read_stats_from_file ~/sysstat/sadf.c:1453
    #3 0x55cc66c474f7 in main ~/sysstat/sadf.c:1883
    #4 0x7f83c44fdb96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #5 0x55cc66c48ad9 in _start (~/sysstat/sadf+0x27ad9)

0x60b000000250 is located 0 bytes inside of 100-byte region [0x60b000000250,0x60b0000002b4)
freed by thread T0 here:
    #0 0x7f83c49ab7b8 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xde7b8)
    #1 0x55cc66cca6b1 in check_file_actlst ~/sysstat/sa_common.c:2155

previously allocated by thread T0 here:
    #0 0x7f83c49abf40 in realloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdef40)
    #1 0x55cc66cc9f05 in check_file_actlst ~/sysstat/sa_common.c:2030

SUMMARY: AddressSanitizer: double-free (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xde7b8) in __interceptor_free
==25128==ABORTING
```
If skip_extra_struct fails at this line, read_stats_from_file falls into the format_error: label and tries to free buffer here.
However, buffer has already been freed before, which causes a double-free bug.
Thanks
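A minimal model of the pattern this report describes, added here as an illustration; it is not sysstat's code and not part of the original report. The names `release`, `parse`, `late_step_fails` and `clear_after_free` are hypothetical, and the model counts releases instead of calling `free()` twice, so it runs without undefined behaviour. It shows why setting the pointer to NULL right after the first release makes a shared error label safe to reach afterwards.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model: number of times the one buffer was handed to release(). */
static int release_count;

/* Release the buffer. With clear != 0 the pointer is set to NULL afterwards
 * and a later call becomes a no-op, like free(NULL). With clear == 0 the
 * stale pointer is never read again; the second call is only counted,
 * standing in for the second free() that AddressSanitizer reports. */
static void release(void **p, int clear)
{
    if (clear && *p == NULL)
        return;
    if (++release_count == 1)
        free(*p);           /* only the first release really calls free() */
    if (clear)
        *p = NULL;
}

/* Hypothetical parser. late_step_fails stands in for a step that fails
 * after the buffer was already released on the normal path.
 * Returns how many times the buffer was released (2 means double free). */
static int parse(int late_step_fails, int clear_after_free)
{
    void *buffer = NULL;

    release_count = 0;
    buffer = realloc(buffer, 100);
    if (buffer == NULL)
        return -1;

    release(&buffer, clear_after_free);   /* normal-path release */

    if (late_step_fails)
        goto format_error;
    return release_count;

format_error:
    release(&buffer, clear_after_free);   /* error-path release */
    return release_count;
}

int main(void)
{
    printf("pointer left stale, late failure: %d releases\n", parse(1, 0));
    printf("pointer cleared, late failure:    %d releases\n", parse(1, 1));
    return 0;
}
```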